Senior Vulnerability Management Analyst

What you'll do :

• Analyze and prioritize vulnerabilities from internal scans, pen tests, threat intelligence, and red team exercises across infrastructure and cloud environments.
• Lead coordination efforts with infrastructure, cloud, and application teams to ensure timely remediation and secure configurations.
• Drive continuous improvement of vulnerability management processes through automation, tool optimization, and integrations.
• Develop and present reports and dashboards to leadership, highlighting remediation progress, risk trends, and strategic insights.
• Stay informed on emerging threats, vulnerabilities, and industry best practices to guide infrastructure security strategy.
• Review and maintain SOPs, runbooks, and ISMS documentation to support audit readiness and operational consistency.
• Mentor junior analysts and contribute to team knowledge sharing and capability building.
• Work closely with other security functions to ensure alignment and efficiency across ZS’s security operations.
• Leverage AI tools to automate tasks, enhance reporting, and improve vulnerability detection and response.

What you'll bring :

• Bachelor’s degree in information security, IT, Computer Science, or a related field.
• 4–6 years of experience in vulnerability management, infrastructure security, or related domains.
• Strong understanding of the vulnerability management lifecycle and cloud environments (AWS, Azure, GCP).
• Hands-on experience with VAPT tools such as Tenable (Nessus), Rapid7, Qualys, Wiz, and open-source alternatives.
• Familiarity with CSPM and CNAPP platforms and their role in cloud security.
• Demonstrated experience in handling security incidents and coordinating remediation efforts.
• Excellent communication, presentation, and stakeholder management skills.
• Ability to translate technical findings into business-relevant insights and recommendations.
• Highly self-motivated, proactive, and capable of working independently or leading small initiatives.
• Flexibility to work late shifts as needed to collaborate with leadership teams based in the United States.
• Industry certifications such as CEH, Security+, or equivalent preferred.